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1 Virtual machine monitors: Terra: a virtual machine-based platform for trusted 
▲ computing 

^ Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, Dan Boneh 

October 2003 Proceedings of the nineteenth ACM symposium on Operating 

systems principles 
Publisher: ACM Press 

Full text available: ^fidflj 40.31. Additional Information: MLcjtation, abstract, references, citings, 
KB) index terms 

We present a flexible architecture for trusted computing, called Terra, that allows 
applications with a wide range of security requirements to run simultaneously on 
commodity hardware. Applications on Terra enjoy the semantics of running on a 
separate, dedicated, tamper-resistant hardware platform, while retaining the 
ability to run side-by-side with normal applications on a general-purpose 
computing platform. Terra achieves this synthesis by use of a trusted virtual 
machine monitor (TVMM ... 

Keywords: VMM, attestation, authentication, trusted computing, virtual 
machine, virtual machine monitor 



2 Pioneer: verifying code integrity and enforcing untampered code execution 
j& on legacy systems 

X&rVW' - J - -J- -- 

Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig, Leendert van Doom, Pradeep 
Khosla 

October 2005 ACM SIGOPS Operating Systems Review , Proceedings of the 
twentieth ACM symposium on Operating systems principles 
SOSP '05, Volume 39 Issue 5 
Publisher: ACM Press 

Full text available: ||pdf(264.30 Additional Information: full citation, abstract, references, index terms 
KB). 

We propose a primitive, called Pioneer, as a first step towards verifiable code 
execution on untrusted legacy hosts. Pioneer does not require any hardware 
support such as secure co-processors or CPU-architecture extensions. We 
implement Pioneer on an Intel Pentium IV Xeon processor. Pioneer can be used 
as a basic building block to build security systems. We demonstrate this by 
building a kernel rootkit detector. 
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Keywords: dynamic root of trust, rootkit detection, self-check-summing code, 
software- based code attestation, verifiable code execution 



3 Wireless LAN security and laboratory designs 
Yasir Zahur, T. Andrew Yang 

January 2004 Journal of Computing Sciences in Colleges, Volume 19 Issue 3 
Publisher: Consortium for Computing Sciences in Colleges 

Full text available: gfidfil 8124 Addjtjona | information: full citation , abstract , references , index terms 
KB ) 

For the past couple of years, increasing number of wireless local area networks 
(WLANs), based on the IEEE 802.11 protocols, have been deployed in various 
types of locations, including homes, schools, airports, business offices, 
government buildings, military facilities, coffee shops, book stores, as well as 
many other venues. One of the primary advantages offered by WLAN is its ability 
to provide untethered connectivity to portable devices, such as wireless laptops 
and PDAs. In some remote comm ... 

4 Securing wireless applications: ESCORT: a decentralized and localized 
|k access control system for mobile wireless access to secured domains 
^ Jiejun Kong, Shirshanka Das, Edward Tsai, Mario Gerla 

September 2003 Proceedings of the 2003 ACM workshop on Wireless security 
Publisher: ACM Press 

Full text available: ^pMi9172 Additional Information: full citation , abstract , references , index terms 
KB) 

In this work we design and implement ESCORT, a backward compatible, efficient, 
and secure access control system, to facilitate mobile wireless access to secured 
wireless LANs. In mobile environments, a mobile guest may frequently roam into 
foreign domains while demanding critical network services. ESCORT provides 
instant yet secure access to the mobile guest based on the concept of "escort 1 , 
which refers to a special network object with four distinct properties: (1) T ... 

Keywords: decentralized access control, identity privacy, location privacy, 
mobile privacy, wireless security 



Mobile services: Reincarnating PCs with portable SoulPads 
Ramon Caceres, Casey Carter, Chandra Narayanaswami, Mandayam Raghunath 
June 2005 Proceedings of the 3rd international conference on Mobile 

systems, applications, and services MobiSys '05 
Publisher: ACM Press 

Full text available: f| pdf(1 99.97 Addjtjona , information: full citation , abstract , references 
KB) 

The ability to walk up to any computer, personalize it, and use it as one's own 
has long been a goal of mobile computing research. We present SoulPad, a new 
approach based on carrying an auto-configuring operating system along with a 
suspended virtual machine on a small portable device. With this approach, the 
computer boots from the device and resumes the virtual machine, thus giving the 
user access to his personal environment, including previously running 
computations. SoulPad ha ... 

Security as a new dimension in embedded system design: Security as a new | 
dimension in embedded system design 

Srivaths Ravi, Paul Kocher, Ruby Lee, Gary McGraw, Anand Raghunathan 
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June 2004 Proceedings of the 41st annual conference on Design automation 
Publisher: ACM Press 

Full text available: ^] pdf(209.10 Additional Information: full citation , abstract , references , citings , 
KB) jndex terms 

The growing number of instances of breaches in information security in the last 
few years has created a compelling case for efforts towards secure electronic 
systems. Embedded systems, which will be ubiquitously used to capture, store, 
manipulate, and access data of a sensitive nature, pose several unique and 
interesting security challenges. Security has been the subject of intensive 
research in the areas of cryptography, computing, and networking. However, 
despite these efforts, security is ... 

Keywords: PDAs, architectures, battery life, cryptography, design, design 
methodologies, digital rights management, embedded systems, performance, 
security, security processing, security protocols, sensors, software attacks, 
tamper resistance, trusted computing, viruses 
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December 1995 ACM SIGOPS Operating Systems Review , Proceedings of the 

fifteenth ACM symposium on Operating systems principles 

SOSP '95, Volume 29 Issue 5 
Publisher: ACM Press 

Full text available: ^ pdf(1.84 MB) Additional Information: full citation , references , citings , index terms 



Macintosh OS X: a smooth migration [ 
Scott E. Hanselman, Mahmoud Pegah 

September 2003 Proceedings of the 31st annual ACM SIGUCCS conference on 

User services 
Publisher: ACM Press 

Full text available: ^ML2Q§&1 Additional Information: full citation, abstract, references, index terms 
KB) 

The Ringling School of Art and Design is a fully accredited four year college of 
visual art and design with a student population of approximately 1000. The 
Ringling School has achieved national recognition for its large-scale integration of 
technology into collegiate visual art and design education and maintains a 
student to computer ratio of better than two to one. Due to the demand for 
computing power and the requirement for ease of use, we moved our 
instructional computer laboratories to the ... 

Keywords: Macintosh OS X, NFS, NIS, SSH, fonts, migration, network 



Alan M. Mainwaring, David E. Culler 

May 1999 ACM SIGPLAN Notices , Proceedings of the seventh ACM SIGPLAN 
symposium on Principles and practice of parallel programming 
PPoPP '99, Volume 34 Issue 8 

Publisher: ACM Press 

Full text available' * ^pdf(1.57 MB) AddJtional Information: full citation , abstract , references , citings , 
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Virtual networks provide applications with the illusion of having their own 
dedicated, high-performance networks, although network interfaces posses 
limited, shared resources. We present the design of a large-scale virtual network 
system and examine the integration of communication programming interface, 
system resource management, and network interface operation. Our 
implementation on a cluster of 100 workstations quantifies the impact of 
virtualization on small message latencies and throughput ... 

Keywords: application programming interfaces, direct network access, 
high-performance clusters, protocol architecture and implementation, system 
resource management, virtual networks 



10 Security: Web-based interactive courseware for information security 
0^ Andy Ju An Wang 

October 2005 Proceedings of the 6th conference on Information technology 

education SIGITE '05 
Publisher: ACM Press 

Full text available: f| pdf(346.90 Additiona | information: full citation , abstract , references , index terms 
KB) 

Interactive courseware encourages student participation and active learning. 
Prior research and teaching experience has shown that IT students prefer to learn 
information security in a hands-on manner. How do we offer information security 
as a distance learning course while give students the similar hands-on teaching 
and learning style as we do in a traditional classroom or lab? This paper 
discusses our experience in developing Web-based multimedia and interactive 
courseware for an undergraduate ... 

Keywords: active learning, information security, interactivity 



11 Devirtualizable virtual machines enabling general, single-node, online 
0, maintenance 

— : 

David E. Lowell, Yasushi Saito, Eileen J. Samberg 

October 2004 ACM SIGARCH Computer Architecture News , ACM SIGOPS 
Operating Systems Review , ACM SIGPLAN Notices , 
Proceedings of the 11th international conference on 
Architectural support for programming languages and 
operating systems ASPLOS-XI, Volume 32 , 38 , 39 Issue 5,5,11 
Publisher: ACM Press 

Full text available: ^J.pdf(174.01 Additional Information: Ml .citation, abstract, references, cjtinjgs, 
KB) index terms 



Maintenance is the dominant source of downtime at high availability sites. 
Unfortunately, the dominant mechanism for reducing this downtime, cluster 
rolling upgrade, has two shortcomings that have prevented its broad acceptance. 
First, cluster-style maintenance over many nodes is typically performed a few 
nodes at a time, mak-ing maintenance slow and often impractical. Second, 
cluster-style maintenance does not work on single-node systems, despite the fact 
that their unavailability during mainte ... 

Keywords: availability, online maintenance, planned downtime, virtual 
machines 
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Atul Adya, Paramvir Bahl, Ranveer Chandra, Lili Qiu 

September 2004 Proceedings of the 10th annual international conference on 
Mobile computing and networking 

Publisher: ACM Press 

Full text available: f| pdf(303.82 Additjona | information: fujl .citation, abstract, nrferencg, index terms 



The wide-scale deployment of IEEE 802.11 wireless networks has generated 
significant challenges for Information Technology (IT) departments in 
corporations. Users frequently complain about connectivity and performance 
problems, and network administrators are expected to diagnose these problems 
while managing corporate security and coverage. Their task is particularly 
difficult due to the unreliable nature of the wireless medium and a lack of 
intelligent diagnostic tools for determining the cause ... 

Keywords: IEEE 802.11, disconnected clients, fault detection, fault diagnosis, 
infrastructure wireless networks, rogue APs 



13 E.ylt!D.9..0SX.in„an 
David L. R. Houston 

September 2003 Proceedings of the 31st annual ACM SIGUCCS conference on 

User services 
Publisher: ACM Press 

Full text available: Additiona , | nformation: fu || citation , abstract , index terms 
KB) 

This paper discusses the challenges of putting Apple Macintosh OSX into open 
access and computer lab environments. 

Keywords: Macintosh, OSX, configuration, imaging, integration, lab, labs, 
maintenance, open access, security, software distribution, workstation 



14 A. security m | 
Iliya K. Georgiev, Ivo I. Georgiev 

October 2001 Journal of Computing Sciences in Colleges, Volume 17 Issue 1 
Publisher: Consortium for Computing Sciences in Colleges 

Full text available: ^.pdf(47 ; 43 KB) Additional Information: full .citation, abstract, references, index . terms 

This paper presents a multi-tier model for secure computing as a teaching 
method platform. The security model is based on establishing the trustworthiness 
and role of each component in a distributed computing environment: trusted 
users, trusted servers, trusted administrators, untrusted client, untrusted 
communication media and intermediate systems, etc. The model provides a basis 
for teaching and for program system design. The security dimensions (both social 
and technical) can be considered in ... 

Giuseppe Desoli, Nikoiay Mateev, Evelyn Duesterwald, Paoio Faraboschi, Joseph A. 
Fisher 

November 2002 Proceedings of the 35th annual ACM/IEEE international 
symposium on Microarchitecture 

Publisher: IEEE Computer Society Press 

Full text available: | |pdf(1.27 MB) Additional Information: full citation , abstract , references , citings , 
IP Publisher Site index.terms 
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The Dynamic Execution Layer Interface (DELI) offers the following unique 
capability: it provides fine-grain control over the execution of programs, by 
allowing its clients to observe and optionally manipulate every single 
instruction— at run time— just before it runs. DELI accomplishes this by opening 
up an interface to the layer between the execution of software and hardware. To 
avoid the slowdown, DELI caches a private copy of the executed code and always 
runs out of its own private cache. In ... 

16 Service-oriented device communications using the devices profile for web 
% services 

Frangois Jammes, Antoine Mensch, Harm Smit 

November 2005 Proceedings of the 3rd international workshop on 

Middleware for pervasive and ad-hoc computing MP AC '05 

Publisher: ACM Press 

Full text available: f|| pdf(479.82 Additional Information: fyLcitetion, abstract, references, index terms 



This paper outlines the benefits of adopting service-oriented architectures at the 
level of communications between resource-constrained embedded devices. It 
focuses on the usage of the Devices Profile for Web Services as the underpinning 
of such architectures for "smart" devices and discusses an early implementation 
thereof. It further illustrates how "dumb" or "legacy" devices can be integrated 
using a gatewaying approach. 

Keywords: communication infrastructure, device networking, service-oriented 
architecture, web service 



17 D§pJpymeDia 
in Korea 

Youngkyu Choi, Jeongyeup Paek, Sunghyun Choi, Go Woon Lee, Jae Hwan Lee, 
Hanwook Jung 

September 2003 Proceedings of the 1st ACM international workshop on 

Wireless mobile applications and services on WLAN hotspots 
Publisher: ACM Press 

Full text available: H pdf(774.23 Addrt jonal Information: full citation, abstract, references, index terms 
KB) 

A wireless LAN (WLAN)-based Internet service, called NESPOT, of Korea Telecom 
(KT), the biggest telecommunication and Internet service company in Korea, has 
been operational since early 2002. As the numbers of subscribers and deployed 
access points (APs) increase, KT has been endeavoring to improve its service 
quality as well as the network management. In this paper, we introduce a joint 
effort between Seoul National University (SNU) and KT to achieve it. We have 
been addressing two major issues ... 

Keywords: IEEE 802.11, LAN, hotspot service, wireless internet service provider 
(WISP) 
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19 A key recovery attack on the 802.1 1b wired equivalent privacy protocol 
#> (WEP) 

^ Adam Stubblefield, John Ioannidis, Aviel D. Rubin 

May 2004 ACM Transactions on Information and System Security (TISSEC), 

Volume 7 Issue 2 
Publisher: ACM Press 

Full text available: J| pdf(207.38 Addjtjona | information: full citation , abstract , references , index terms 



In this paper, we present a practical key recovery attack on WEP, the link-layer 
security protocol for 802.11b wireless networks. The attack is based on a partial 
key exposure vulnerability in the RC4 stream cipher discovered by Fluhrer, 
Mantin, and Shamir. This paper describes how to apply this flaw to breaking 
WEP, our implementation of the attack, and optimizations that can be used to 
reduce the number of packets required for the attack. We conclude that the 
802.11b WEP standard is completely ... 

Keywords: Wireless security, wired equivalent privacy 



20 OS X: a ten-step program 
^ Crystal R. Miller, Henry R. Bent 

v October 2004 Proceedings of the 32nd annual ACM SIGUCCS conference on 
User services 
Publisher: ACM Press 

Full text available: f| pdf(1 74.95 Additiona | information: Ml citation, abstract, references, intojterms 



Updating Oberlin College's eight Macintosh computer labs from the conventional 
OS 9 of our youth to Apple's newest, sexy, Unix-based OS X has been the 
embodiment of our institution's historic motto, "Learning and Labor". New 
challenges, incompatibilities, and excitement have greeted our IT staff most 
every step of the way. Gone are the days of brightly colored computers, 
RevRdist, Pcounter, and happy Macs. Today our labs are filled with sleek 
flat-panel iMacs and Pharos Release Stations while ... 

Keywords: Macintosh, OS X, printing, public laboratories, radmind 
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1 Virtual machine monitors: Terra: a virtual machine-based platform for trusted 
^ computing 

^ Tai Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, Dan Boneh 

October 2003 Proceedings of the nineteenth ACM symposium on Operating 

systems principles 
Publisher: ACM Press 

Full text available: ^fi<ffQ40..31. Additional Information: Mcrtation, abstract, references, citings, 
KB) index terms 

We present a flexible architecture for trusted computing, called Terra, that allows 
applications with a wide range of security requirements to run simultaneously on 
commodity hardware. Applications on Terra enjoy the semantics of running on a 
separate, dedicated, tamper-resistant hardware platform, while retaining the 
ability to run side-by-side with normal applications on a general-purpose 
computing platform. Terra achieves this synthesis by use of a trusted virtual 
machine monitor (TV MM ... / 

Keywords: VMM, attestation, authentication, trusted computing, virtual 
machine, virtual machine monitor 



2 Pioneer: verifying code integrity and enforcing untampered code execution 
<^ on legacy systems 

^ Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig, Leendert van Doom, Pradeep 
Khosla 

October 2005 ACM SIGOPS Operating Systems Review , Proceedings of the 
twentieth ACM symposium on Operating systems principles 
SOSP '05, Volume 39 Issue 5 

Publisher: ACM Press 

Full text available: fH pdf(264.30 Addit j ona | information: MLsSSflSIL abstract, references, index .terms 
KB) 

We propose a primitive, called Pioneer, as a first step towards verifiable code 
execution on untrusted legacy hosts. Pioneer does not require any hardware 
support such as secure co-processors or CPU-architecture extensions. We 
implement Pioneer on an Intel Pentium IV Xeon processor. Pioneer can be used 
as a basic building block to build security systems. We demonstrate this by 
building a kernel rootkit detector. 
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Keywords: dynamic root of trust, rootkit detection, self-check-summing code, 
software-based code attestation, verifiable code execution 



Wireless LAN security and laboratory designs 
Yasir Zahur, T. Andrew Yang 

January 2004 Journal of Computing Sciences in Colleges, Volume 19 Issue 3 
Publisher: Consortium for Computing Sciences in Colleges 

Full text available: ^pdfiQ£L24 Additjona | information: full citation , abstract , references , index terms 

For the past couple of years, increasing number of wireless local area networks 
(WLANs), based on the IEEE 802.11 protocols, have been deployed in various 
types of locations, including homes, schools, airports, business offices, 
government buildings, military facilities, coffee shops, book stores, as well as 
many other venues. One of the primary advantages offered by WLAN is its ability 
to provide untethered connectivity to portable devices, such as wireless laptops 
and PDAs. In some remote comm ... 

Securing wireless applications: ESCORT: a decentralized and localized 
access control system for mobile wireless access to secured domains 
Jiejun Kong, Shirshanka Das, Edward Tsai, Mario Gerla 

September 2003 Proceedings of the 2003 ACM workshop on Wireless security 
Publisher: ACM Press 

Full text available: ^pdf(401 [72 Addit j ona | information: full citation , abstract , references , index terms 
KB) 

In this work we design and implement ESCORT, a backward compatible, efficient, 
and secure access control system, to facilitate mobile wireless access to secured 
wireless LANs. In mobile environments, a mobile guest may frequently roam into 
foreign domains while demanding critical network services. ESCORT provides 
instant yet secure access to the mobile guest based on the concept of "escort", 
which refers to a special network object with four distinct properties: (1) T ... 

Keywords: decentralized access control, identity privacy, location privacy, 
mobile privacy, wireless security 



Mobile services: Reincarnating PCs with portable SoulPads 

Ramon Caceres, Casey Carter, Chandra Narayanaswami, Mandayam Raghunath 

June 2005 Proceedings of the 3rd international conference on Mobile 

systems, applications, and services MobiSys '05 
Publisher: ACM Press 

Full text available:|| pdf(199.97 Additional Information: full citation , abstract , references 
KB) 

The ability to walk up to any computer, personalize it, and use it as one's own 
has long been a goal of mobile computing research. We present Sou/Pad, a new 
approach based on carrying an auto-configuring operating system along with a 
suspended virtual machine on a small portable device. With this approach, the 
computer boots from the device and resumes the virtual machine, thus giving the 
user access to his personal environment, including previously running 
computations. SoulPad ha ... 

Security as a new dimension in embedded system design: Security as a new | 
dimension in embedded system design 

Srivaths Ravi, Paul Kocher, Ruby Lee, Gary McGraw, Anand Raghunathan 
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June 2004 Proceedings of the 41st annual conference on Design automation 
Publisher: ACM Press 

Full text available: ^] pdf(209.10 Additional Information: full citation , abstract , references , citings , 
KB) index terms 

The growing number of instances of breaches in information security in the last 
few years has created a compelling case for efforts towards secure electronic 
systems. Embedded systems, which will be ubiquitously used to capture, store, 
manipulate, and access data of a sensitive nature, pose several unique and 
interesting security challenges. Security has been the subject of intensive 
research in the areas of cryptography, computing, and networking. However, 
despite these efforts, security is ... 

Keywords: PDAs, architectures, battery life, cryptography, design, design 
methodologies, digital rights management, embedded systems, performance, 
security, security processing, security protocols, sensors, software attacks, 
tamper resistance, trusted computing, viruses 



7 U;Net;ja^ 

T. von Eicken, A. Basu, V. Buch, W. Vogels 

December 1995 ACM SIGOPS Operating Systems Review , Proceedings of the 
fifteenth ACM symposium on Operating systems principles 
SOSP '95, Volume 29 Issue 5 

Publisher: ACM Press 

Full text available: pdf(1.84 MB) Additional Information: full citation , references , citings , index terms 



Macintosh OS X: a smooth migration 
Scott E. Hanselman, Mahmoud Pegah 

September 2003 Proceedings of the 31st annual ACM SIGUCCS conference on 

User services 
Publisher: ACM Press 
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The Ringling School of Art and Design is a fully accredited four year college of 
visual art and design with a student population of approximately 1000. The 
Ringling School has achieved national recognition for its large-scale integration of 
technology into collegiate visual art and design education and maintains a 
student to computer ratio of better than two to one. Due to the demand for 
computing power and the requirement for ease of use, we moved our 
instructional computer laboratories to the ... 

Keywords: Macintosh OS X, NFS, NIS, SSH, fonts, migration, network 
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Virtual networks provide applications with the illusion of having their own 
dedicated, high-performance networks, although network interfaces posses 
limited, shared resources. We present the design of a large-scale virtual network 
system and examine the integration of communication programming interface, 
system resource management, and network interface operation. Our 
implementation on a cluster of 100 workstations quantifies the impact of 
virtualization on small message latencies and throughput ... 

Keywords: application programming interfaces, direct network access, 
high-performance clusters, protocol architecture and implementation, system 
resource management, virtual networks 



10 Security: Web-based interactive courseware for information security 
Andy Ju An Wang 

October 2005 Proceedings of the 6th conference on Information technology 
education SIGITE '05 

Publisher: ACM Press 

Full text available: f| pdf(346.90 Additiona | information: full citation , abstract , references , index terms 
KB) 

Interactive courseware encourages student participation and active learning. 
Prior research and teaching experience has shown that IT students prefer to learn 
information security in a hands-on manner. How do we offer information security 
as a distance learning course while give students the similar hands-on teaching 
and learning style as we do in a traditional classroom or lab? This paper 
discusses our experience in developing Web-based multimedia and interactive 
courseware for an undergraduate ... 

Keywords: active learning, information security, interactivity 



11 Devirtualizable virtual machines enabling general, single-node, online | 
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David E. Lowell, Yasushi Saito, Eileen J. Samberg 

October 2004 ACM SIGARCH Computer Architecture News , ACM SIGOPS 
Operating Systems Review , ACM SIGPLAN Notices , 
Proceedings of the 11th international conference on 
Architectural support for programming languages and 
operating systems ASPLOS-XI, Volume 32 , 38 , 39 Issue 5,5,11 
Publisher: ACM Press 

Full text available: f||.pdf(1 74.01 Additional Information: full citation, abstract, references, citinjgs, 
KB) index terms 

Maintenance is the dominant source of downtime at high availability sites. 
Unfortunately, the dominant mechanism for reducing this downtime, cluster 
rolling upgrade, has two shortcomings that have prevented its broad acceptance. 
First, cluster-style maintenance over many nodes is typically performed a few 
nodes at a time, mak-ing maintenance slow and often impractical. Second, 
cluster-style maintenance does not work on single-node systems, despite the fact 
that their unavailability during mainte ... 

Keywords: availability, online maintenance, planned downtime, virtual 
machines 
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An organized record of actual flaws can be useful to computer system designers, 
programmers, analysts, administrators, and users. This survey provides a 
taxonomy for computer program security flaws, with an Appendix that documents 
50 actual security flaws. These flaws have all been described previously in the 
open literature, but in widely separated places. For those new to the field of 
computer security, they provide a good introduction to the characteristics of 
security flaws and how they ... 

Keywords: error/defect classification, security flaw, taxonomy 
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November 2005 Proceedings of the 2005 ACM workshop on Storage security 
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Publisher: ACM Press 

Full text available: ^pdf(294,61 Addjtjona | information: full citation , abstract , references , index terms 
KB) 

The rapid increase of sensitive data and the growing number of government 
regulations that require longterm data retention and protection have forced 
enterprises to pay serious attention to storage security. In this paper, we discuss 
important security issues related to storage and present a comprehensive survey 
of the security services provided by the existing storage systems. We cover a 
broad range of the storage security literature, present a critical review of the 
existing solutions, compare ... 

Keywords: authorization, confidentiality, integrity, intrusion detection, privacy 
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v October 1985 Proceedings of the 1985 ACM annual conference on The range 
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Full text available: ^ pdf(1.22 MB) Additional Information: full citation , references , index terms 



Keywords: capability architecture, computer security, distributed system 
security, network encryption 
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The Dynamic Execution Layer Interface (DELI) offers the following unique 
capability: it provides fine-grain control over the execution of programs, by 
allowing its clients to observe and optionally manipulate every single 
instruction— at run time— just before it runs. DELI accomplishes this by opening 
up an interface to the layer between the execution of software and hardware. To 
avoid the slowdown, DELI caches a private copy of the executed code and always 
runs out of its own private cache. In ... 

16 Context and Location: Framework for security and privacy in automotive 
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Sastry Duri, Marco Gruteser, Xuan Liu, Paul Moskowitz, Ronald Perez, Moninder 
Singh, Jung-Mu Tang 

September 2002 Proceedings of the 2nd international workshop on Mobile 

commerce 
Publisher: ACM Press 

Full text available: ®MX2Q3.71 A ddrtional Information: full citation , abstract , index terms 
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Automotive telematics may be defined as the information-intensive applications 
that are being enabled for vehicles by a combination of telecommunications and 
computing technology. Telematics by its nature requires the capture of sensor 
data, storage and exchange of data to obtain remote services. In order for 
automotive telematics to grow to its full potential, telematics data must be 
protected. Data protection must include privacy and security for end-users, 
service providers and application pr ... 

Keywords: automotive telematics, privacy, privacy policies, security 
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^ John S. Erickson 

April 2003 Communications of the ACM, Volume 46 Issue 4 

Publisher: ACM Press 

Full text available: ^pdf(100.36 
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How can DRM architectures protect historical copyright limitations like fair use 
while ensuring the security and property interests of copyright owners? 
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John Reumann, Kang G. Shin 

February 2004 ACM Transactions on Computer Systems (TOCS), Volume 22 
Issue 1 

Publisher: ACM Press 

Full text available: g.pdfl?33 ; 84 Additjona | information: full citation , abstract , references , index terms 

Interposition-based system enhancements for multitiered servers are difficult to 
build because important system context is typically lost at application and 
machine boundaries. For example, resource quotas and user identities do not 
propagate easily between cooperating services that execute on different hosts or 
that communicate with each other via intermediary services. 
Application-transparent system enhancement is difficult to achieve when such 
context information is obscured by complex servic ... 

Keywords: Distributed computing, component services, distributed context, 



6 of 7 



3/31/06 11:25 AM 



Results (page 1): +firmware +virtual ^machine security authenticat... http://portal.acm.org/results.cfm?CFID=7263 1568&CFTOKEN=5. 
• » 

multitiered services, operating systems, server consolidation 
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November 2003 ACM Transactions on Computer Systems (TOCS), Volume 21 

Issue 4 
Publisher: ACM Press 
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The goals of performance and flexibility are often at odds in the design of 
network systems. The tension is common enough to justify an architectural 
solution, rather than a set of context-specific solutions. The Programmable 
Protocol Processing Pipeline (P4) design uses programmable hardware to 
selectively accelerate protocol processing functions. A set of field-programmable 
gate arrays (FPGAs) and an associated library of network processing modules 
implemented in hardware are augmented with so ... 

Keywords: FPGA, P4, computer networking, flexibility, hardware, performance, 
programmable logic devices, programmable networks, protocol processing 
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The 802.11 standard for wireless networks includes a Wired Equivalent Privacy 
(WEP) protocol, used to protect link-layer communications from eavesdropping 
and other attacks. We have discovered several serious security flaws in the 
protocol, stemming from mis-application of cryptographic primitives. The flaws 
lead to a number of practical attacks that demonstrate that WEP fails to achieve 
its security goals. In this paper, we discuss in detail each of the flaws, the 
underlying security princip ... 
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1 Virtual machine monitors: Terra: a virtual machine-based platform for trusted 
H> computing 

^ Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, Dan Boneh 

October 2003 Proceedings of the nineteenth ACM symposium on Operating 

systems principles 
Publisher: ACM Press 

Full text available: ^J?df(i40.31 Additional Information: ML9JM9Q. abstract, references, citings, 
KB) index terms 

We present a flexible architecture for trusted computing, called Terra, that allows 
applications with a wide range of security requirements to run simultaneously on 
commodity hardware. Applications on Terra enjoy the semantics of running on a 
separate, dedicated, tamper-resistant hardware platform, while retaining the 
ability to run side-by-side with normal applications on a general-purpose 
computing platform. Terra achieves this synthesis by use of a trusted virtual 
machine monitor (TVMM ... 



Keywords: VMM, attestation, authentication, trusted computing, virtual 
machine, virtual machine monitor 



2 Pioneer: verifying code integrity and enforcing untampered code execution 
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^ Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig, Leendert van Doom, Pradeep 
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October 2005 ACM SIGOPS Operating Systems Review , Proceedings of the 
twentieth ACM symposium on Operating systems principles 
SOSP '05, Volume 39 Issue 5 

Publisher: ACM Press 

Full text available: H Pdf(264.30 Addit j ona | information: full citation, abstract, references, index terms 
KB) 

We propose a primitive, called Pioneer, as a first step towards verifiable code 
execution on untrusted legacy hosts. Pioneer does not require any hardware 
support such as secure co-processors or CPU-architecture extensions. We 
implement Pioneer on an Intel Pentium IV Xeon processor. Pioneer can be used 
as a basic building block to build security systems. We demonstrate this by 
building a kernel rootkit detector. 
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Mobile services: Reincarnating PCs with portable SoulPads 

Ramon Cciceres, Casey Carter, Chandra Narayanaswami, Mandayam Raghunath 

June 2005 Proceedings of the 3rd international conference on Mobile 

systems, applications, and services MobiSys '05 
Publisher: ACM Press 

Full text available: Wl pdf( 199.97 *. AM ... » , „ . . . . . 

LM-*—* Additional Information: full citation, abstract, references 

KB) 

The ability to walk up to any computer, personalize it, and use it as one's own 
has long been a goal of mobile computing research. We present SoulPad, a new 
approach based on carrying an auto-configuring operating system along with a 
suspended virtual machine on a small portable device. With this approach, the 
computer boots from the device and resumes the virtual machine, thus giving the 
user access to his personal environment, including previously running 
computations. SoulPad ha ... 

Devirtualizable virtual machines enabling general, single-node, online 
maintenance 

David E. Lowell, Yasushi Saito, Eileen J. Samberg 

October 2004 ACM SIGARCH Computer Architecture News , ACM SIGOPS 
Operating Systems Review , ACM SIGPLAN Notices , 
Proceedings of the 11th international conference on 
Architectural support for programming languages and 
operating systems ASPLOS-XI, Volume 32 , 38 , 39 Issue 5,5,11 

Publisher: ACM Press 

Full text available: ^pdfQ 74.01. Additional Information: full citation, abstract, references, crtjnjgs, 
KB) index terms 

Maintenance is the dominant source of downtime at high availability sites. 
Unfortunately, the dominant mechanism for reducing this downtime, cluster 
rolling upgrade, has two shortcomings that have prevented its broad acceptance. 
First, cluster-style maintenance over many nodes is typically performed a few 
nodes at a time, mak-ing maintenance slow and often impractical. Second, 
cluster-style maintenance does not work on single-node systems, despite the fact 
that their unavailability during mainte ... 

Keywords: availability, online maintenance, planned downtime, virtual 
machines 
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B. D. Shriver, J. W. Anderson, L. J. Waguespack, D. M. Hyams, R. A. Bombet 
October 1976 Proceedings of the annual conference 
Publisher: ACM Press 

Full text available: ^ pdf(654.60 Additional Information: full citation , abstract , references , citings , 
KB) index terms 

A virtual machine monitor allows several different operating systems to run 
concurrently on the same machine. This paper presents the description of a 
virtual machine monitor and its support structure which can be implemented on a 
microprogrammable minicomputer or a distributed network of such machines. In 
our approach, all storage, transformational, input, and output resources of the 
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system are accessed through a mapping mechanism. The design and 
implementation methodology for an actual re ... 

6 Architecture of virtual machines 
R. P. Goldberg 

March 1973 Proceedings of the workshop on virtual computer systems 

Full text available: f| pdf(1 .29 MB} Additional Information: full citation, abstract, references, crtinjgs, 
jndex.terms 

In this paper we develop a model which represents the addressing of resources 
by processes executing on a virtual machine. The model distinguishes two maps: 
the o-map which represents the map visible to the operating system software 
running on the virtual machine, and the f-map which is invisible to that software 
but which is manipulated by the virtual machine monitor running on the real 
machine. The 0-map maps process names into resource names and the f-map 
maps virtual resou ... 

ib- shared-memory mult i processors 

^ Kinshuk Govil, Dan Teodosiu, Yongqiang Huang, Mendel Rosenblum 

August 2000 ACM Transactions on Computer Systems (TOCS), Volume 18 Issue 
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Publisher: ACM Press 

Full text available: Qpdf(287J)5 Additional Information: full citation, abstract, references, crtinjgs, 
KB) index terms , review 

Despite the fact that large-scale shared-memory multiprocessors have been 
commercially available for several years, system software that fully utilizes all 
their features is still not available, mostly due to the complexity and cost of 
making the required changes to the operating system. A recently proposed 
approach, called Disco, substantially reduces this development cost by using a 
virtual machine monitor that laverages the existing operating system technology. 
In this paper we present a ... 

Keywords: fault containment, resource managment, scalable multiprocessors, 
virtual machines 
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seventeenth ACM symposium on Operating systems 

principles SOSP '99, Volume 33 Issue 5 
Publisher: ACM Press 

Full text available- 1 11 pdf(1.93 MB) Additional Information: full citation, abstract, references, crtinjgs, 

index terms 

Despite the fact that large-scale shared-memory multiprocessors have been 
commercially available for several years, system software that fully utilizes all 
their features is still not available, mostly due to the complexity and cost of 
making the required changes to the operating system. A recently proposed 
approach, called Disco, substantially reduces this development cost by using a 
virtual machine monitor that leverages the existing operating system 
technology. In this paper we present a syste ... 
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^ Charles W. Flink 

V September 1977 ACM SIGMICRO Newsletter , Proceedings of the 10th annual 
workshop on Microprogramming MICRO 10, Volume 8 Issue 3 
Publisher: IEEE Press, ACM Press 

Full text available: f|[pM7.?3. J..9 Additional Information: full citation, abstract, references, citinjgs, 
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The Emulation Aid SYstem is a virtual machine monitor for the Nanodata QM-1 
microprogrammable computer. The system is designed to provide the user with 
an interactive interface for the development and subsequent use of emulations on 
the QM-1. EASY provides integrated support for: 1) interactive control of 
multiple, concurrently resident, virtual computers implemented via emulation, 2) 
input/output from emulations (virtual I/O) to the various real peripherals of the 
QM-1, and 3) diagnostic d ... 

Keywords: Emulation, Intermediate language machines, Microprogramming, 
Nanodata QM-1, Software engineering, Virtual machine monitors, Virtual 
machines 
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Kai-Ming Chan, Aamir B. Yunus, Terry Sych, Stephen F. Moore, John P. Shen 
October 2004 ACM SIGPLAN Notices , ACM SIGOPS Operating Systems Review 
, ACM SIGARCH Computer Architecture News , Proceedings of 
the 11th international conference on Architectural support for 
programming languages and operating systems ASPLOS-XI, 
Volume 39 , 38 , 32 Issue 11,5,5 
Publisher: ACM Press 

Full text available: ^.pdf(225.47 Additional Information: Mcrtation, abstract, references, citings, 
KB) index terms 

Helper threading is a technology to accelerate a program by exploiting a 
processor's multithreading capability to run % "assist" threads. Previous 
experiments on hyper-threaded processors have demonstrated significant 
speedups by using helper threads to prefetch hard-to-predict delinquent data 
accesses. In order to apply this technique to processors that do not have built-in 
hardware support for multithreading, we introduce virtual multithreading (VMT), 
a novel form of switch-on-event user-level ... 
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^ Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, Dan Boneh 

October 2003 Proceedings of the nineteenth ACM symposium on Operating 

systems principles 
Publisher: ACM Press 

Full text available: ^fidgl. 40.31. Additional Information: ML9JMQ.Q. abstract, references, citings, 
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We present a flexible architecture for trusted computing, called Terra, that allows 
applications with a wide range of security requirements to run simultaneously on 
commodity hardware. Applications on Terra enjoy the semantics of running on a 
separate, dedicated, tamper-resistant hardware platform, while retaining the 
ability to run side-by-side with normal applications on a general-purpose 
computing platform. Terra achieves this synthesis by use of a trusted virtual 
machine monitor (TV MM ... 

Keywords: VMM, attestation, authentication, trusted computing, virtual 
machine, virtual machine monitor 
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October 2005 ACM SIGOPS Operating Systems Review , Proceedings of the 
twentieth ACM symposium on Operating systems principles 
SOSP '05, Volume 39 Issue 5 

Publisher: ACM Press 
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We propose a primitive, called Pioneer, as a first step towards verifiable code 
execution on untrusted legacy hosts. Pioneer does not require any hardware 
support such as secure co-processors or CPU-architecture extensions. We 
implement Pioneer on an Intel Pentium IV Xeon processor. Pioneer can be used 
as a basic building block to build security systems. We demonstrate this by 
building a kernel rootkit detector. 
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Mobile services: Reincarnating PCs with portable SoulPads 
Ramon Caceres, Casey Carter, Chandra Narayanaswami, Mandayam Raghunath 
LM * June 2005 Proceedings of the 3rd international conference on Mobile 
systems, applications, and services MobiSys '05 
Publisher: ACM Press 

Full text available:^ pdf(199.97 AdditionaI , nformation: yi citation, abstract, references 
KB) 

The ability to walk up to any computer, personalize it, and use it as one's own 
has long been a goal of mobile computing research. We present SoulPad, a new 
approach based on carrying an auto-configuring operating system along with a 
suspended virtual machine on a small portable device. With this approach, the 
computer boots from the device and resumes the virtual machine, thus giving the 
user access to his personal environment, including previously running 
computations. SoulPad ha ... 

Wireless LAN security and laboratory designs 
Yasir Zahur, T. Andrew Yang 

January 2004 Journal of Computing Sciences in Colleges, Volume 19 Issue 3 
Publisher: Consortium for Computing Sciences in Colleges 

Full text available: f | pdf(181.24 Additiona | information: full citation , abstract , references , index terms 
KB) 

For the past couple of years, increasing number of wireless local area networks 
(WLANs), based on the IEEE 802.11 protocols, have been deployed in various 
types of locations, including homes, schools, airports, business offices, 
government buildings, military facilities, coffee shops, book stores, as well as 
many other venues. One of the primary advantages offered by WLAN is its ability 
to provide untethered connectivity to portable devices, such as wireless laptops 
and PDAs. In some remote comm ... 

Securing wireless applications: ESCORT: a decentralized and localized 
access control system for mobile wireless access to secured domains 
Jiejun Kong, Shirshanka Das, Edward Tsai, Mario Gerla 

September 2003 Proceedings of the 2003 ACM workshop on Wireless security 
Publisher: ACM Press 

Full text available, *^ pdf(401 .72 Additional Information: full cit ation, abstract, references, index terms 
KB) 

In this work we design and implement ESCORT, a backward compatible, efficient, 
and secure access control system, to facilitate mobile wireless access to secured 
wireless LANs. In mobile environments, a mobile guest may frequently roam into 
foreign domains while demanding critical network services. ESCORT provides 
instant yet secure access to the mobile guest based on the concept of "escort", 
which refers to a special network object with four distinct properties: (1) T ... 

Keywords: decentralized access control, identity privacy, location privacy, 
mobile privacy, wireless security 
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September 2004 Proceedings of the 10th annual international conference on 
Mobile computing and networking 

Publisher: ACM Press 

Full text available: gpd£303,82 Addjtiona | information: full citation , abstract , references , index terms 
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The wide-scale deployment of IEEE 802.11 wireless networks has generated 
significant challenges for Information Technology (IT) departments in 
corporations. Users frequently complain about connectivity and performance 
problems, and network administrators are expected to diagnose these problems 
while managing corporate security and coverage. Their task is particularly 
difficult due to the unreliable nature of the wireless medium and a lack of 
intelligent diagnostic tools for determining the cause ... 

Keywords: IEEE 802.11, disconnected clients, fault detection, fault diagnosis, 
infrastructure wireless networks, rogue APs 
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^ Stephen Michell, Kannan Srinivasan 

October 2004 Proceedings of the 1st ACM international workshop on 
Performance evaluation of wireless ad hoc, sensor, and 
ubiquitous networks 
Publisher: ACM Press 
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State Based Key Hop (SBKH) protocol provides a strong, lightweight encryption 
scheme for battery operated devices, such as the sensors in a wireless sensor 
network, as well as small office home office (SOHO) users. Although SBKH can be 
applied to many underlying protocols, in this paper, we focus on integrating 
SBKH with 802.11. Hence we compare SBKH with other 802.11 security protocols 
and show that SBKH eliminates all the issues with wired equivalent privacy 
(WEP) protocol, using the existing ... 

Keywords: computer network security, low power security, state based 
encryption, wireless security, wireless sensor network security 
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Full text available: ^ pdf(47.43 KB) Additional Information: full citation , abstract , references , index terms 

This paper presents a multi-tier model for secure computing as a teaching 
method platform. The security model is based on establishing the trustworthiness 
and role of each component in a distributed computing environment: trusted 
users, trusted servers, trusted administrators, untrusted client, untrusted 
communication media and intermediate systems, etc. The model provides a basis 
for teaching and for program system design. The security dimensions (both social 
and technical) can be considered in ... 

9 Security as a new dimension in embedded system design: Security as a new Q 
«lb dimension in embedded system design 

^ Srivaths Ravi, Paul Kocher, Ruby Lee, Gary McGraw, Anand Raghunathan 

June 2004 Proceedings of the 41st annual conference on Design automation 
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The growing number of instances of breaches in information security in the last 
few years has created a compelling case for efforts towards secure electronic 
systems. Embedded systems, which will be ubiquitously used to capture, store, 
manipulate, and access data of a sensitive nature, pose several unique and 
interesting security challenges. Security has been the subject of intensive 
research in the areas of cryptography, computing, and networking. However, 
despite these efforts, security is ... 

Keywords: PDAs, architectures, battery life, cryptography, design, design 
methodologies, digital rights management, embedded systems, performance, 
security, security processing, security protocols, sensors, software attacks, 
tamper resistance, trusted computing, viruses 



10 Design challenges of virtual networks: fast, general-purpose communication Q 
^ Alan M. Mainwaring, David E. Culler 

^ May 1999 ACM SIGPLAN Notices , Proceedings of the seventh ACM SIGPLAN 
symposium on Principles and practice of parallel programming 
PPoPP "99, Volume 34 Issue 8 
Publisher: ACM Press 

Full text available: ffi P df{1.57 MB) Additional Information: full citation, abstract, references, crtinjgs, 
^ index terms 

Virtual networks provide applications with the illusion of having their own 
dedicated, high-performance networks, although network interfaces posses 
limited, shared resources. We present the design of a large-scale virtual network 
system and examine the integration of communication programming interface, 
system resource management, and network interface operation. Our 
implementation on a cluster of 100 workstations quantifies the impact of 
virtualization on small message latencies and throughput ... 

Keywords: application programming interfaces, direct network access, 
high-performance clusters, protocol architecture and implementation, system 
resource management, virtual networks 



11 Service-oriented device communications using the de vices profile for web 
services 

Frangois Jammes, Antoine Mensch, Harm Smit 

November 2005 Proceedings of the 3rd international workshop on 

Middleware for pervasive and ad-hoc computing MPAC '05 

Publisher: ACM Press 

Full text available: < f§ pdf(479.82 Addit i ona | information: full citation , abstract , references , index terms 
KB) 

This paper outlines the benefits of adopting service-oriented architectures at the 
level of communications between resource-constrained embedded devices. It 
focuses on the usage of the Devices Profile for Web Services as the underpinning 
of such architectures for "smart" devices and discusses an early implementation 
thereof. It further illustrates how "dumb" or "legacy" devices can be integrated 
using a gatewaying approach. 

Keywords: communication infrastructure, device networking, service-oriented 
architecture, web service 
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Youngkyu Choi, Jeongyeup Paek, Sunghyun Choi, Go Woon Lee, Jae Hwan Lee, 
Hanwook Jung 

September 2003 Proceedings of the 1st ACM international workshop on 

Wireless mobile applications and services on WLAN hotspots 

Publisher: ACM Press 

Full text available: Wi pdf(774.23 A .. M M . » , „ » UA . , . . A 
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A wireless LAN (WLAN)-based Internet service, called NESPOT, of Korea Telecom 
(KT), the biggest telecommunication and Internet service company in Korea, has 
been operational since early 2002. As the numbers of subscribers and deployed 
access points (APs) increase, KT has been endeavoring to improve its service 
quality as well as the network management. In this paper, we introduce a joint 
effort between Seoul National University (SNU) and KT to achieve it. We have 
been addressing two major issues ... 

Keywords: IEEE 802.11, LAN, hotspot service, wireless internet service provider 
(WISP) 
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October 2004 ACM SIGARCH Computer Architecture News , ACM SIGOPS 
Operating Systems Review , ACM SIGPLAN Notices , 
Proceedings of the 11th international conference on 
Architectural support for programming languages and 
operating systems ASPLOS-XI, Volume 32 , 38 , 39 Issue 5,5,11 

Publisher: ACM Press 

Full text available: *|| pdf(174.01 Additional Information: full citation , abstract , references , citings , 
KB) ipdexterms 

Maintenance is the dominant source of downtime at high availability sites. 
Unfortunately, the dominant mechanism for reducing this downtime, cluster 
rolling upgrade, has two shortcomings that have prevented its broad acceptance. 
First, cluster-style maintenance over many nodes is typically performed a few 
nodes at a time, mak-ing maintenance slow and often impractical. Second, 
cluster-style maintenance does not work on single-node systems, despite the fact 
that their unavailability during mainte ... 

Keywords: availability, online maintenance, planned downtime, virtual 
machines 
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^ October 2005 Proceedings of the 2nd ACM international workshop on 
Performance evaluation of wireless ad hoc, sensor, and 
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Publisher: ACM Press 

Full text available: f| pdf(174.47 Add[tiona , | nformation: M Nation , abstract , references , index terms 
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In this paper, we present Dynamic Re-keying with Key Hopping (DRKH) 
encryption protocol that uses RC4 encryption technique to ensure a strong 
security level with the advantage of low execution cost compared to other IEEE 
802.11 security schemes. 

Keywords: WLAN security, authentication, dynamic re-keying, key hopping, low 
power devices 



15 Putting OSX in an open access lab: (or "The Joy of X") 
Jfy David L. R. Houston 

v September 2003 Proceedings of the 31st annual ACM SIGUCCS conference on 
User services 
Publisher: ACM Press 

Full text available: ®fidfi21 1 .45 Additiona | information: full citation, abstract, index terms 
KB) 

This paper discusses the challenges of putting Apple Macintosh OSX into open 
access and computer lab environments. 

Keywords: Macintosh, OSX, configuration, imaging, integration, lab, labs, 
maintenance, open access, security, software distribution, workstation 



16 A key recovery attack on protocol 

^ Adam Stubblefield, John Ioannidis, Aviel D. Rubin 

May 2004 ACM Transactions on Information and System Security (TISSEC), 

Volume 7 Issue 2 
Publisher: ACM Press 

Full text available: ^fidf(207 Addit j ona | information: full citation, abstract, references, index terms 
KB) 

In this paper, we present a practical key recovery attack on WEP, the link-layer 
security protocol for 802.11b wireless networks. The attack is based on a partial 
key exposure vulnerability in the RC4 stream cipher discovered by Fluhrer, 
Mantin, and Shamir. This paper describes how to apply this flaw to breaking 
WEP, our implementation of the attack, and optimizations that can be used to 
reduce the number of packets required for the attack. We conclude that the 
802.11b WEP standard is completely ... 

Keywords: Wireless security, wired equivalent privacy 
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v September 2003 Proceedings of the 31st annual ACM SIGUCCS conference on 
User services 

Publisher: ACM Press 

Full text available: f|M{2p8.,8.1 Additional Information: full citation , abstract , references , index terms 
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The Ringling School of Art and Design is a fully accredited four year college of 
visual art and design with a student population of approximately 1000. The 
Ringling School has achieved national recognition for its large-scale integration of 
technology into collegiate visual art and design education and maintains a 
student to computer ratio of better than two to one. Due to the demand for 
computing power and the requirement for ease of use, we moved our 
instructional computer laboratories to the ... 
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Keywords: Macintosh OS X, NFS, NIS, SSH, fonts, migration, network 
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John L. MacMichael 

September 2005 Linux Journal, Volume 2005 Issue 137 
Publisher: Specialized Systems Consultants, Inc. 
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Don't worry about the insecurities of WEP-we have WPA. What? WPA can be 
cracked too? D'oh! 

19 Secur^ 
Andy Ju An Wang 

October 2005 Proceedings of the 6th conference on Information technology 
education SIGITE '05 

Publisher: ACM Press 

Full text available: f| fidf(346 JQ Additiona | information: full citation , abstract , references , index terms 
KB) 

Interactive courseware encourages student participation and active learning. 
Prior research and teaching experience has shown that IT students prefer to learn 
information security in a hands-on manner. How do we offer information security 
as a distance learning course while give students the similar hands-on teaching 
and learning style as we do in a traditional classroom or lab? This paper 
discusses our experience in developing Web-based multimedia and interactive 
courseware for an undergraduate ... 

Keywords: active learning, information security, interactivity 
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December 1995 ACM SIGOPS Operating Systems Review , Proceedings of the 
fifteenth ACM symposium on Operating systems principles 
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1 Virtual machine monitors: Terr a: a virtua l machine-based platform for trusted 

^ fal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, Dan Boneh 

October 2003 Proceedings of the nineteenth ACM symposium on Operating 

systems principles 
Publisher: ACM Press 

Full text available: ^pdf(.14.Q,31. Additional Information: ML?iM9D.. abstract, ieM$$9$$, citings, 
KB) index terms 

We present a flexible architecture for trusted computing, called Terra, that allows 
applications with a wide range of security requirements to run simultaneously on 
commodity hardware. Applications on Terra enjoy the semantics of running on a 
separate, dedicated, tamper-resistant hardware platform, while retaining the 
ability to run side-by-side with normal applications on a general-purpose 
computing platform. Terra achieves this synthesis by use of a trusted virtual 
machine monitor (TVMM ... 

Keywords: VMM, attestation, authentication, trusted computing, virtual 
machine, virtual machine monitor 



2 Pioneer: verifying code integrity and enforcing untampered code execution 
g|> on legacy systems 

™ Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig, Leendert van Doom, Pradeep 
Khosla 

October 2005 ACM SIGOPS Operating Systems Review , Proceedings of the 
twentieth ACM symposium on Operating systems principles 
SOSP '05, Volume 39 Issue 5 

Publisher: ACM Press 

Full text available. 1§ pdf(264.30 Additional Information: full citation, abstract, references, index terms 
KB) 

We propose a primitive, called Pioneer, as a first step towards verifiable code 
execution on untrusted legacy hosts. Pioneer does not require any hardware 
support such as secure co-processors or CPU-architecture extensions. We 
implement Pioneer on an Intel Pentium IV Xeon processor. Pioneer can be used 
as a basic building block to build security systems. We demonstrate this by 
building a kernel rootkit detector. 
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Keywords: dynamic root of trust, rootkit detection, self-check-summing code, 
software-based code attestation, verifiable code execution 



Mobile services: Reincarnating PCs with portable SoulPads | 
Ramon C^ceres, Casey Carter, Chandra Narayanaswami, Mandayam Raghunath 
June 2005 Proceedings of the 3rd international conference on Mobile 

systems, applications, and services MobiSys '05 
Publisher: ACM Press 

Full text available: f| pdf(199.97 MmQnal |nformation: fu| , cjtati abstract references 
KB) 

The ability to walk up to any computer, personalize it, and use it as one's own 
has long been a goal of mobile computing research. We present SoulPad, a new 
approach based on carrying an auto-configuring operating system along with a 
suspended virtual machine on a small portable device. With this approach, the 
computer boots from the device and resumes the virtual machine, thus giving the 
user access to his personal environment, including previously running 
computations. SoulPad ha ... 

Wireless LAN security and laboratory designs 
Yasir Zahur, T. Andrew Yang 

January 2004 Journal of Computing Sciences in Colleges, Volume 19 Issue 3 
Publisher: Consortium for Computing Sciences in Colleges 

Full text available: 13 pdf(1 81.24 Additional Information: full citation , abstract , references , index terms 
KB) 

For the past couple of years, increasing number of wireless local area networks 
(WLANs), based on the IEEE 802.11 protocols, have been deployed in various 
types of locations, including homes, schools, airports, business offices, 
government buildings, military facilities, coffee shops, book stores, as well as 
many other venues. One of the primary advantages offered by WLAN is its ability 
to provide untethered connectivity to portable devices, such as wireless laptops 
and PDAs. In some remote comm ... 

Security as a new dimension in embedded system design: Security as a new 
dimension in embedded system design 

Srivaths Ravi, Paul Kocher, Ruby Lee, Gary McGraw, Anand Raghunathan 

June 2004 Proceedings of the 41st annual conference on Design automation 

Publisher: ACM Press 

Full text available: ^ pdf(209.10 Additional Information: full citation , abstract , references , citings , 
KB) IPdexterms 

The growing number of instances of breaches in information security in the last 
few years has created a compelling case for efforts towards secure electronic 
systems. Embedded systems, which will be ubiquitously used to capture, store, 
manipulate, and access data of a sensitive nature, pose several unique and 
interesting security challenges. Security has been the subject of intensive 
research in the areas of cryptography, computing, and networking. However, 
despite these efforts, security is ... 

Keywords: PDAs, architectures, battery life, cryptography, design, design 
methodologies, digital rights management, embedded systems, performance, 
security, security processing, security protocols, sensors, software attacks, 
tamper resistance, trusted computing, viruses 
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Service infastructure and network management: Architecture and techniques 
for diagnosing faults in IEEE 802.1 1 infrastructure networks 
Atul Adya, Paramvir Bahl, Ranveer Chandra, Lili Qiu 

September 2004 Proceedings of the 10th annual international conference on 
Mobile computing and networking 

Publisher: ACM Press 

Full text available: ^pdf(303,82 Addjt j ona | information: full citation , abstract , references , index terms 
KB) 

The wide-scale deployment of IEEE 802.11 wireless networks has generated 
significant challenges for Information Technology (IT) departments in 
corporations. Users frequently complain about connectivity and performance 
problems, and network administrators are expected to diagnose these problems 
while managing corporate security and coverage. Their task is particularly 
difficult due to the unreliable nature of the wireless medium and a lack of 
intelligent diagnostic tools for determining the cause ... 

Keywords: IEEE 802.11, disconnected clients, fault detection, fault diagnosis, 
infrastructure wireless networks, rogue APs 



7 Design challenges of virtual networks: fast, general-purpose communication 
^ Alan M. Mainwaring, David E. Culler 

v May 1999 ACM SIGPLAN Notices , Proceedings of the seventh ACM SIGPLAN 
symposium on Principles and practice of parallel programming 
PPoPP '99, Volume 34 Issue 8 
Publisher: ACM Press 

Full text available: f| pdf{1 .57 MB) Additional Information: full crtatipn, abstract, references, crtinjgs, 
jndex tenrns 

Virtual networks provide applications with the illusion of having their own 
dedicated, high-performance networks, although network interfaces posses 
limited, shared resources. We present the design of a large-scale virtual network 
system and examine the integration of communication programming interface, 
system resource management, and network interface operation. Our 
implementation on a cluster of 100 workstations quantifies the impact of 
virtualization on small message latencies and throughput ... 

Keywords: application programming interfaces, direct network access, 
high-performance clusters, protocol architecture and implementation, system 
resource management, virtual networks 



8 Deployment and testbeds: Enhancement of a WLAN-based internet service 
in Korea 

^ Youngkyu Choi, Jeongyeup Paek, Sunghyun Choi, Go Woon Lee, Jae Hwan Lee, 
Hanwook Jung 

September 2003 Proceedings of the 1st ACM international workshop on 

Wireless mobile applications and services on WLAN hotspots 

Publisher: ACM Press 

Full text available: f| pdf(774.23 Addrtjona | information: full citation , abstract , references , index terms 
KB) 

A wireless LAN (WLAN)-based Internet service, called NESPOT, of Korea Telecom 
(KT), the biggest telecommunication and Internet service company in Korea, has 
been operational since early 2002. As the numbers of subscribers and deployed 
access points (APs) increase, KT has been endeavoring to improve its service 
quality as well as the network management. In this paper, we introduce a joint 
effort between Seoul National University (SNU) and KT to achieve it. We have 



3 of 7 



3/31/06 1:41 PM 



Results (page 1): +firmware +legacy +extensible vmm vm security ... http://portal.acm.org/results.cfm?CFID=72637960&CFTOKEN=8. 
been addressing two major issues ... 
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(WISP) 

9 Service-oriented device communications using the devices profile for web H 

^ Frangois Jammes, Antoine Mensch, Harm Smit 

November 2005 Proceedings of the 3rd international workshop on 

Middleware for pervasive and ad-hoc computing MPAC '05 

Publisher: ACM Press 

Full text available: f|M(479.82 Additional Information: full citation , abstract , references , index terms 
KB) 

This paper outlines the benefits of adopting service-oriented architectures at the 
level of communications between resource-constrained embedded devices. It 
focuses on the usage of the Devices Profile for Web Services as the underpinning 
of such architectures for "smart" devices and discusses an early implementation 
thereof. It further illustrates how "dumb" or "legacy" devices can be integrated 
using a gatewaying approach. 

Keywords: communication infrastructure, device networking, service-oriented 
architecture, web service 
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October 2004 ACM SIGARCH Computer Architecture News , ACM SIGOPS 
Operating Systems Review , ACM SIGPLAN Notices , 
Proceedings of the 11th international conference on 
Architectural support for programming languages and 
operating systems ASPLOS-XI, Volume 32 , 38 , 39 Issue 5,5,11 

Publisher: ACM Press 

Full text available: |j| pdf(174.01 Additional Information: full citation , abstract , references , citings , 
KB). indexterms 

Maintenance is the dominant source of downtime at high availability sites. 
Unfortunately, the dominant mechanism for reducing this downtime, cluster 
rolling upgrade, has two shortcomings that have prevented its broad acceptance. 
First, cluster-style maintenance over many nodes is typically performed a few 
nodes at a time, mak-ing maintenance slow and often impractical. Second, 
cluster-style maintenance does not work on single-node systems, despite the fact 
that their unavailability during mainte ... 

Keywords: availability, online maintenance, planned downtime, virtual 
machines 
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Giuseppe Desoli, Nikoiay Mateev, Evelyn Duesterwald, Paolo Faraboschirioseph A. 
Fisher 

November 2002 Proceedings of the 35th annual ACM/IEEE international 

symposium on Microarchitecture 
Publisher: IEEE Computer Society Press 

Full text available: || pdf(1.27 MB) Additional Information: full citation , abstract , references , citings . 
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The Dynamic Execution Layer Interface (DELI) offers the following unique 
capability: it provides fine-grain control over the execution of programs, by 
allowing its clients to observe and optionally manipulate every single 
instruction— at run time— just before it runs. DELI accomplishes this by opening 
up an interface to the layer between the execution of software and hardware. To 
avoid the slowdown, DELI caches a private copy of the executed code and always 
runs out of its own private cache. In ... 

13 Functional verification — real users, real problems, real opportunities (panel) Q 
Jonah McLeod, Nozar Azarakhsh, Glen Ewing, Paul Gingras, Scott Reedstrom, Chris 

V Rowen 

June 1999 Proceedings of the 36th ACM/IEEE conference on Design 

automation 
Publisher: ACM Press 

Full text available: pdf(2 1.27 KB) Additional Information: full citation , citings , index terms 



14 An implementation and analysis of the virtual interface architecture I I 

Philip Buonadonna, Andrew Geweke, David Culler 
November 1998 Proceedings of the 1998 ACM/IEEE conference on 

Supercomputing (CDROM) 
Publisher: IEEE Computer Society 

Full text available: l|.htm!(60 ; 53 Addit jonal Information: full citation , abstract , references , citings 
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Rapid developments in networking technology and a rise in clustered computing 
have driven research studies in high performance communication architectures. 
In an effort to standardize the work in this area, industry leaders have developed 
the Virtual Interface Architecture (VIA) specification. This architecture seeks to 
provide an operating system-independent infrastructure for high-performance 
user-level networking in a generic environment. This paper evaluates the 
inherent costs and performanc ... 

Keywords: cluster, interconnect, network, system-area, user-level, virtual 
interface architecture 
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This paper sketches the requirements and possibilities of wireless ATM in local 
area networks. Because of the wide range of services supported by ATM 
networks, ATM technology is expected to become the dominant networking 
technology in the mediumtermfor both public infrastructure networks and for 
local area networks. ATM infrastructure can support all types of services, from 
time-sensitive voice communications and desk-top multi-media conferencing, to 
bursty transaction processing and LAN tr ... 

16 Experiences of building an ATM switch for the local area I I 

# Richard Black, Ian Leslie, Derek McAuley 
October 1994 ACM SIGCOMM Computer Communication Review , Proceedings 
of the conference on Communications architectures, protocols 
and applications SIGCOMM '94, Volume 24 Issue 4 
Publisher: ACM Press 
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The Fairisle project was concerned with ATM in the local area. An earlier paper 
[9] described the preliminary work and plans for the project. Here we present the 
experiences we have had with the Fairisle network, describing how 
implementation has changed over the life of the project, the lessons learned, and 
some conclusions about the work so far. 

17 Multihop wireless measurements: Cooperative packet scheduling via I I 
<|b Pipelining in 802.11 wireless networks 

^ Ramana Rao Kompella, Sriram Ramabhadran, Ishwar Ramani, Alex C. Snoeren 
August 2005 Proceeding of the 2005 ACM SIGCOMM workshop on 

Experimental approaches to wireless network design and 
analysis E-WIND '05 

Publisher: ACM Press 

Full text available: f|pdf(21 8.04 Additjona | information: full citation, abstract, rcferejncm, index.tejms 



The proliferation of 802.11a/b/g based wireless devices has fueled their adoption 
in many domains — some of which are unforseen. Yet, these devices lack native 
support for some of the advanced features (such as service differentiation, etc.) 
required in specific application domains. A subset of these features relies on 
cooperative scheduling whereby nodes cooperate among each other to effectively 
manage resources such as power, throughput and interference in wireless 
networks. The trajectory of ... 

Keywords: 802.11 wireless networks, cooperative scheduling, power 
conservation, proportional allocation, quality of service, streaming video 
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Publisher: ACM Press 
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A study of leading-edge HP object technology projects was conducted to 
understand the current state of object-oriented practice, and projects' 
object-oriented analysis and design method needs. In this paper, we distill 
general best practices and pitfalls from the lessons learned in these projects. We 
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also consider how the OOA/D methods support what the businesses have set out 
to accomplish, where they are deficient, and how they are being modified to 
better support project needs. We draw upon th ... 
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Real-time procedural shading was once seen as a distant dream. When the first 
version of this course was offered four years ago, real-time shading was possible, 
but only with one-of-a-kind hardware or by combining the effects of tens to 
hundreds of rendering passes. Today, almost every new computer comes with 
graphics hardware capable of interactively executing shaders of thousands to 
tens of thousands of instructions. This course has been redesigned to address 
today's real-time shading capabili ... 
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1 Virtual machine monitors: Terra: a virtual machine-based platform for trusted 
H> computing 

^ Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, Dan Boneh 

October 2003 Proceedings of the nineteenth ACM symposium on Operating 

systems principles 
Publisher: ACM Press 

Full text available: ^jRdfQ40,.31 Additional Information: Mutation, abstract, references, citings, 
KB) index terms 

We present a flexible architecture for trusted computing, called Terra, that allows 
applications with a wide range of security requirements to run simultaneously on 
commodity hardware. Applications on Terra enjoy the semantics of running on a 
separate, dedicated, tamper-resistant hardware platform, while retaining the 
ability to run side-by-side with normal applications on a general-purpose 
computing platform. Terra achieves this synthesis by use of a trusted virtual 
machine monitor (TVMM ... 

Keywords: VMM, attestation, authentication, trusted computing, virtual 
machine, virtual machine monitor 



2 Pioneer: verifying code integrity and enforcing untampered code execution 
on legacy systems 

^ Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig, Leendert van Doom, Pradeep 
Khosla 

October 2005 ACM SIGOPS Operating Systems Review , Proceedings of the 
twentieth ACM symposium on Operating systems principles 
SOSP '05, Volume 39 Issue 5 

Publisher: ACM Press 

Full text available: f| pdf(264.30 Additiona | information: MlcM™, abstract, Terences, indexierms 
KB) 

We propose a primitive, called Pioneer, as a first step towards verifiable code 
execution on untrusted legacy hosts. Pioneer does not require any hardware 
support such as secure co-processors or CPU-architecture extensions. We 
implement Pioneer on an Intel Pentium IV Xeon processor. Pioneer can be used 
as a basic building block to build security systems. We demonstrate this by 
building a kernel rootkit detector. 
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Keywords: dynamic root of trust, rootkit detection, self-check-summing code, 
software-based code attestation, verifiable code execution 



Mobile services: Reincarnating PCs with portable Soul Pads | 
Ramon Cciceres, Casey Carter, Chandra Narayanaswami, Mandayam Raghunath 
June 2005 Proceedings of the 3rd international conference on Mobile 

systems, applications, and services MobiSys '05 
Publisher: ACM Press 

Full text available: gpdf(199.97 Mmona] information: full citation, abstract, rsferences 

The ability to walk up to any computer, personalize it, and use it as one's own 
has long been a goal of mobile computing research. We present SoulPad, a new 
approach based on carrying an auto-configuring operating system along with a 
suspended virtual machine on a small portable device. With this approach, the 
computer boots from the device and resumes the virtual machine, thus giving the 
user access to his personal environment, including previously running 
computations. SoulPad ha ... 

Wireless LAN security and laboratory designs 
Yasir Zahur, T. Andrew Yang 

January 2004 Journal of Computing Sciences in Colleges, Volume 19 Issue 3 
Publisher: Consortium for Computing Sciences in Colleges 

Full text available: f| pdf(181.24 AdditjonaI information: full citation , abstract , references , index terms 
KB) 

For the past couple of years, increasing number of wireless local area networks 
(WLANs), based on the IEEE 802.11 protocols, have been deployed in various 
types of locations, including homes, schools, airports, business offices, 
government buildings, military facilities, coffee shops, book stores, as well as 
many other venues. One of the primary advantages offered by WLAN is its ability 
to provide untethered connectivity to portable devices, such as wireless laptops 
and PDAs. In some remote comm ... 

Security as a new dimension in embedded system design: Security as a new 
dimension in embedded system design 

Srivaths Ravi, Paul Kocher, Ruby Lee, Gary McGraw, Anand Raghunathan 

June 2004 Proceedings of the 41st annual conference on Design automation 

Publisher: ACM Press 

Full text available: *^ pdf(209.10 Additional Information: full citation , abstract , references , citings , 
KB) indexjerms 

The growing number of instances of breaches in information security in the last 
few years has created a compelling case for efforts towards secure electronic 
systems. Embedded systems, which will be ubiquitously used to capture, store, 
manipulate, and access data of a sensitive nature, pose several unique and 
interesting security challenges. Security has been the subject of intensive 
research in the areas of cryptography, computing, and networking. However, 
despite these efforts, security is ... 

Keywords: PDAs, architectures, battery life, cryptography, design, design 
methodologies, digital rights management, embedded systems, performance, 
security, security processing, security protocols, sensors, software attacks, 
tamper resistance, trusted computing, viruses 
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6 Service infastructure and network management: Architecture and techniques 
dl> for diagnosing faults in IEEE 802.1 1 infrastructure networks 
^ Atul Adya, Paramvir Bahl, Ranveer Chandra, Lili Qiu 

September 2004 Proceedings of the 10th annual international conference on 

Mobile computing and networking 
Publisher: ACM Press 

Full text available: %pM?0?M Additional Information: full citation , abstract , references , index terms 
KB) 

The wide-scale deployment of IEEE 802.11 wireless networks has generated 
significant challenges for Information Technology (IT) departments in 
corporations. Users frequently complain about connectivity and performance 
problems, and network administrators are expected to diagnose these problems 
while managing corporate security and coverage. Their task is particularly 
difficult due to the unreliable nature of the wireless medium and a lack of 
intelligent diagnostic tools for determining the cause ... 

Keywords: IEEE 802.11, disconnected clients, fault detection, fault diagnosis, 
infrastructure wireless networks, rogue APs 
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Design challenges of virtual networks: fast, general-purpose communication 
Alan M. Mainwaring, David E. Culler 

May 1999 ACM SIGPLAN Notices , Proceedings of the seventh ACM SIGPLAN 
symposium on Principles and practice of parallel programming 
PPoPP '99, Volume 34 Issue 8 

Publisher: ACM Press 

Full text available: f")pdf(1 .57 MB) Additional Information: full citation, abstract, references, crtjncjs, 
jndex terms 

Virtual networks provide applications with the illusion of having their own 
dedicated, high-performance networks, although network interfaces posses 
limited, shared resources. We present the design of a large-scale virtual network 
system and examine the integration of communication programming interface, 
system resource management, and network interface operation. Our 
implementation on a cluster of 100 workstations quantifies the impact of 
virtualization on small message latencies and throughput ... 

Keywords: application programming interfaces, direct network access, 
high-performance clusters, protocol architecture and implementation, system 
resource management, virtual networks 



8 Deployment and testbeds: Enhancement of a WLAN-based int ernet service B 
in.Korea 

Youngkyu Choi, Jeongyeup Paek, Sunghyun Choi, Go Woon Lee, Jae Hwan Lee, 
Hanwook Jung 

September 2003 Proceedings of the 1st ACM international workshop on 

Wireless mobile applications and services on WLAIM hotspots 

Publisher: ACM Press 

Full text available: || pdf(774.23 Addit j ona | information: full citation , abstract , references , index terms 
KB) 

A wireless LAN (WLAN)-based Internet service, called NESPOT, of Korea Telecom 
(KT), the biggest telecommunication and Internet service company in Korea, has 
been operational since early 2002. As the numbers of subscribers and deployed 
access points (APs) increase, KT has been endeavoring to improve its service 
quality as well as the network management. In this paper, we introduce a joint 
effort between Seoul National University (SNU) and KT to achieve it. We have 
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been addressing two major issues ... 

Keywords: IEEE 802.11, LAN, hotspot service, wireless internet service provider 
(WISP) 

9 Service-oriented device communications using the devices profile for web 
services 

Francois Jammes, Antoine Mensch, Harm Smit 

November 2005 Proceedings of the 3rd international workshop on 

Middleware for pervasive and ad-hoc computing MPAC '05 

Publisher: ACM Press 

Full text available: "g.pdf(47?J2 Additional Information: full citation , abstract , references , index terms 
KB) 

This paper outlines the benefits of adopting service-oriented architectures at the 
level of communications between resource-constrained embedded devices. It 
focuses on the usage of the Devices Profile for Web Services as the underpinning 
of such architectures for "smart" devices and discusses an early implementation 
thereof. It further illustrates how "dumb" or "legacy" devices can be integrated 
using a gatewaying approach. 

Keywords: communication infrastructure, device networking, service-oriented 
architecture, web service 



10 DevirtualjzaW^ 
Ml maintenance 



David E. Lowell, Yasushi Saito, Eileen 3. Samberg 

October 2004 ACM SIGARCH Computer Architecture News , ACM SIGOPS 
Operating Systems Review , ACM SIGPLAN Notices , 
Proceedings of the 11th international conference on 
Architectural support for programming languages and 
operating systems ASPLOS-XI, Volume 32 , 38 , 39 Issue 5,5,11 

Publisher: ACM Press 

Full text available: pdf(174.01 Additional Information: full citation , abstract , references , citings , 
KB) iDdextejms 

Maintenance is the dominant source of downtime at high availability sites. 
Unfortunately, the dominant mechanism for reducing this downtime, cluster 
rolling upgrade, has two shortcomings that have prevented its broad acceptance. 
First, cluster-style maintenance over many nodes is typically performed a few 
nodes at a time, mak-ing maintenance slow and often impractical. Second, 
cluster-style maintenance does not work on single-node systems, despite the fact 
that their unavailability during mainte ... 

Keywords: availability, online maintenance, planned downtime, virtual 
machines 
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|b (in^desT?^) ~ 

^ T. von Eicken, A. Basu, V. Buch, W. Vogels 

December 1995 ACM SIGOPS Operating Systems Review , Proceedings of the 

fifteenth ACM symposium on Operating systems principles 

SOSP '95, Volume 29 Issue 5 
Publisher: ACM Press 
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12 ComjBjJatJj^xs^ 

Giuseppe Desoli, Nikolay Mateev, Evelyn Duesterwald, Paolo Faraboschi, Joseph A. 
Fisher 

November 2002 Proceedings of the 35th annual ACM/IEEE international 

symposium on Microarchitecture 
Publisher: IEEE Computer Society Press 

Full text available: *g pdf(1.27 MB) Additional Information: full citation , abstract , references , citings , 
9 Publisher Site index terms 

The Dynamic Execution Layer Interface (DELI) offers the following unique 
capability: it provides fine-grain control over the execution of programs, by 
allowing its clients to observe and optionally manipulate every single 
instruction— at run time— just before it runs. DELI accomplishes this by opening 
up an interface to the layer between the execution of software and hardware. To 
avoid the slowdown, DELI caches a private copy of the executed code and always 
runs out of its own private cache. In ... 

13 Functional verification — real users, real problems, real opportunities (panel) 
Jonah McLeod, Nozar Azarakhsh, Glen Ewing, Paul Gingras, Scott Reedstrom, Chris 

^ Rowen 

June 1999 Proceedings of the 36th ACM/IEEE conference on Design 
automation 

Publisher: ACM Press 

Full text available: 'gj) pdf(21.27 KB) Additional Information: full citation , citings , index terms 



14 An implementation and analysis of the virtual interface architecture I I 

Philip Buonadonna, Andrew Geweke, David Culler 
November 1998 Proceedings of the 1998 ACM/IEEE conference on 

Supercomputing (CDROM) 
Publisher: IEEE Computer Society 

Full text available: g htnri[60£3 Addit jonal Information: full citation , abstract , references , citings 
KB) 

Rapid developments in networking technology and a rise in clustered computing 
have driven research studies in high performance communication architectures. 
In an effort to standardize the work in this area, industry leaders have developed 
the Virtual Interface Architecture (VIA) specification. This architecture seeks to 
provide an operating system-independent infrastructure for high-performance 
user-level networking in a generic environment. This paper evaluates the 
inherent costs and performanc ... 

Keywords: cluster, interconnect, network, system-area, user-level, virtual 
interface architecture 



15 Wireless ATM — an overview rH 
Geert A. Awater, Jan Kruys 

December 1996 Mobile Networks and Applications, Volume 1 Issue 3 
Publisher: Kluwer Academic Publishers 

Full text available: ^.p.df(44.1.:?.? Additional Information: full [ citation, abstract, references, crtjnjgs, 
KB) index terms 
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This paper sketches the requirements and possibilities of wireless ATM in local 
area networks. Because of the wide range of services supported by ATM 
networks, ATM technology is expected to become the dominant networking 
technology in the mediumtermfor both public infrastructure networks and for 
local area networks. ATM infrastructure can support all types of services, from 
time-sensitive voice communications and desk-top multi-media conferencing, to 
bursty transaction processing and LAN tr ... 

16 Experiences of building an ATM switch for the local area | | 
yi|> Richard Black, Ian Leslie, Derek McAuley 

^ October 1994 ACM SIGCOMM Computer Communication Review , Proceedings 
of the conference on Communications architectures, protocols 
and applications SIGCOMM '94, Volume 24 Issue 4 
Publisher: ACM Press 

Full text available: Wi pdfl.M? MB] Additional Information: ML?.!tation, abstract, references, citings, 
^ " index terms 

The Fairisle project was concerned with ATM in the local area. An earlier paper 
[9] described the preliminary work and plans for the project. Here we present the 
experiences we have had with the Fairisle network, describing how 
implementation has changed over the life of the project, the lessons learned, and 
some conclusions about the work so far. 

17 Multihop wireless measurements: Cooperative packet scheduling via | | 
pipelining in 802,11 wireless networks 

Ramana Rao Kompella, Sriram Ramabhadran, Ishwar Ramani, Alex C. Snoeren 
August 2005 Proceeding of the 2005 ACM SIGCOMM workshop on 

Experimental approaches to wireless network design and 
analysis E-WIND '05 
Publisher: ACM Press 

Full text available: f|pdf(218.04 Addjtjona | information: full citation, abstract, references, index.tejms 



The proliferation of 802.11a/b/g based wireless devices has fueled their adoption 
in many domains -- some of which are unforseen. Yet, these devices lack native 
support for some of the advanced features (such as service differentiation, etc.) 
required in specific application domains. A subset of these features relies on 
cooperative scheduling whereby nodes cooperate among each other to effectively 
manage resources such as power, throughput and interference in wireless 
networks. The trajectory of ... 

Keywords: 802.11 wireless networks, cooperative scheduling, power 
conservation, proportional allocation, quality of service, streaming video 



18 Lessons from the experiences of leading-edge object technology projects in | | 
<|k Hewlett-Packard 

^ Ruth Malan, Derek Coleman, Reed Letsinger 

October 1995 ACM SIGPLAN Notices , Proceedings of the tenth annual 
conference on Object-oriented programming systems, 
languages, and applications OOPSLA '95, Volume 30 Issue 10 

Publisher: ACM Press 

Full text available: Wi pdftl 64 MB] Additional Information: Miration, abstract, references, citings, 
Index terms 

A study of leading-edge HP object technology projects was conducted to 
understand the current state of object-oriented practice, and projects' 
object-oriented analysis and design method needs. In this paper, we distill 
general best practices and pitfalls from the lessons learned in these projects. We 
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also consider how the OOA/D methods support what the businesses have set out 
to accomplish, where they are deficient, and how they are being modified to 
better support project needs. We draw upon th ... 

19 Kernel. korn^ Q 
Eric Biederman 

December 2001 Linux Journal, Volume 2001 Issue 92 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: l].htm!Q6 : 22 AddWona! |nformatjon: M citation, index terms 



20 Real-time shading | | 

Marc Olano, Kurt Akeley, John C. Hart, Wolfgang Heidrich, Michael McCool, Jason L. 

^ Mitchell, Randi Rost 

August 2004 Proceedings of the conference on SIGGRAPH 2004 course notes 

GRAPH '04 
Publisher: ACM Press 

Full text available: ^pdf(7.39„MB) Additional Information: Miration, abstract 

Real-time procedural shading was once seen as a distant dream. When the first 
version of this course was offered four years ago, real-time shading was possible, 
but only with one-of-a-kind hardware or by combining the effects of tens to 
hundreds of rendering passes. Today, almost every new computer comes with 
graphics hardware capable of interactively executing shaders of thousands to 
tens of thousands of instructions. This course has been redesigned to address 
today's real-time shading capabili ... 
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